International law enforcement and security experts have disrupted the activities of the financial Trojan Shylock, according to the UK National Crime Agency (NCA).

Announced on Thursday, the global takedown was led by the NCA alongside the FBI, Europol, Dell SecureWorks, GCHQ, Kaspersky Lab and other security firms. The groups "jointly addressed" the Shylock Trojan, seizing the Command and Control (C&C) servers — which relay instructions to the malware — in a series of stings, as well as taking control of the domains Shylock uses for communication between infected computers.

Shylock is so called because the malicious code contains excerpts from Shakespeare’s Merchant of Venice. Security experts at Symantec say that the Trojan is "seen as one of the world's most dangerous financial Trojans" as it is designed to intercept banking transactions conducted online and lifts victim credentials as a result.

More advanced than other banking Trojans, Shylock has a targeted distribution network that allows the cyberattackers to infect victims through multiple channels, and the Trojan has been continuously updated in response to countermeasures set by targeted banks. In addition, the malware is modular, allowing criminals to change its functionality quickly and easily.

Shylock is privately owned and has not been seen for sale in underground markets.

The stings were conducted from the European Cybercrime Centre (EC3) at Europol in The Hague, and investigators worldwide from the NCA, FBI, the Netherlands, Turkey and Italy coordinated action in their respective countries, acting at the same time as counterparts in Germany, Poland and France.

Symantec estimates that the cybercriminals behind Shylock have stolen a million dollars from victims over the past three years, with over 60,000 infections being detected in the past year alone. The NCA predicts that Shylock has infected at least 30,000 Windows computers worldwide, with the UK targeted more than any other country.

Troels Oerting, head of the European Cybercrime Centre (EC3) at Europol, said:

The European Cybercrime Centre is very happy about this operation against sophisticated malware, playing a crucial role in the work to take down the criminal infrastructure. [..] We have been able to support frontline cyber investigators, coordinated by the UK's NCA, and working with the physical presence of the United States' FBI and colleagues from Italy, Turkey and the Netherlands, with virtual links to cyber units in Germany, France and Poland.

Thank You

By registering you become a member of the CBS Interactive family of sites and you have read and agree to the Terms of Use, Privacy Policy and Video Services Policy. You agree to receive updates, alerts and promotions from CBS and that CBS may share information about you with our marketing partners so that they may contact you by email or otherwise about their products or services.
You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.